From: hlk at kramse.dk (Henrik Lund Kramshøj)
Subject: Unusual request

On torsdag, feb 13, 2003, at 00:26 Europe/Copenhagen, Paul Schmehl 
wrote:
>
> I need this for a "security roadshow" that we're putting together, so I
> can demonstrate how easy it is to break in to an unpatched box.  Can
> anybody point me in the right direction?
>
> I don't want exploit code.  This is just a simple string that you enter
> into the URL box in a browser.  It's at least two or three years old, I
> know.
even though unicode is old I think it is still very nice, as the 
discussion
about "hackertools" and making these illegal are very stupid and this
is the example that takes this to the limit - since other people
consider Internet Exploder a browser - wonder why? :)

that said I have had much benefit of using the latest SQL worm as a
demonstration for people, thanks to digitaloffense for providing
the worm.pl program and descriptions

Using two laptops with a cross-over cable you can simulate the
Internet, and using an ordinary laptop I can start the worm using
a single UDP 376 bytes and then receives a flood of 25000
packets a second
(10.0.0.1 is sending using worm.pl, 10.0.0.2 is setup to use
10.0.0.1 as default gw - even though it doesnt try to forward the
packets)

some words of advise/ideas:
make sure you use two machines
go through the setup of those - important to spend enough
time on that
make an example website on the IIS, enough to let the audience
understand that this could be their own website
then use a few 'dir c:' and other "read information" from the IIS

and THEN baaam smack them with a defacement or similar

I have done that several times and it works great
- feel free to contact me if you want more info

Best regards

--
Henrik Lund Kramsh?j, hlk@...mse.dk

Powered by blists - more mailing lists